Has anyone integrated O365/Azure using SAML 2.0? Please note, we already have WS-Fed integration set up. What I am looking for here is SAML integration with O365, having CA SSO as IDP and O365 as SP. If anyone has done this, please share some documentation or provide your views and ideas on how to achieve it.
Could you please assist on this?
I would suggest having a read of these blogs. Let us know if there are specific questions. There are details in these blogs.
Microsoft Office 365 - CA Single Sign-On - 12.8 - CA Technologies Documentation
SM -O365 Federation
O365 Integration with CA SSO
We do already have this set up using WS-Federation. What we are looking for is to achieve the same thing using a SAML 2 IDP (CA SSO as IDP and O365 as SP).
Is it possible?
The reason is, we are trying to do a fallback from Kerberos to SAML if Kerberos doesn't work! I know this is weird, but we want to try...
We haven't tested purely with SAML across the board, but if Microsoft/Azure supports SAML 2.0 HTTP POST, it is worth giving it a try. At least for the passive profile it should be a BAU / OOB SAML 2.0 IdP --> SP Partnership. At this point in time we don't know, even if we get the Passive Profile to work, whether it would work with the Active Profile (there is no provision for defining STS configuration within the SAML Partnership, as we have within the WSFED partnership).
Was able to achieve this having SAML as IDP to SP, with the entity as remote SP and local IDP, and pass the assertion to cloud O365.
Thank you. HubertDennis